CVSS: 7.5EPSS: 7%CPEs: 17EXPL: 0CVE-2006-4406
https://notcve.org/view.php?id=CVE-2006-4406
Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en PPP de Apple Mac OS X 10.4.x hasta 10.4.8 y 10.3.x hasta 10.3.9, cuando PPPoE está habilitado, permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados. • http://docs.info.apple.com/article.html?artnum=304829 http://labs.musecurity.com/advisories/MU-200611-01.txt http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017305 http://www.kb.cert.org/vuls/id/870960 http://www.osvdb.org/30732 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 https: •
CVSS: 5.0EPSS: 4%CPEs: 9EXPL: 0CVE-2006-4408
https://notcve.org/view.php?id=CVE-2006-4408
The Security Framework in Apple Mac OS X 10.4 through 10.4.8 allows remote attackers to cause a denial of service (resource consumption) via certain public key values in an X.509 certificate that requires extra resources during signature verification. NOTE: this issue may be similar to CVE-2006-2940. El Security Framework de Apple Mac OS X 10.4 hasta 10.4.8 permite a atacantes remotos provocar una denegación de servicio (agotamiento de recursos) mediante determinados valores de clave pública en un certificado X.509 que requiere recursos extra durante la verificación de la firma. NOTA: este problema podría ser similar a CVE-2006-2940. • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017298 http://www.osvdb.org/30730 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 •
CVSS: 7.5EPSS: 2%CPEs: 8EXPL: 0CVE-2006-4410
https://notcve.org/view.php?id=CVE-2006-4410
The Security Framework in Apple Mac OS X 10.3.9, and 10.4.x before 10.4.7, does not properly search certificate revocation lists (CRL), which allows remote attackers to access systems by using revoked certificates. El Security Framework en el Apple Mac OS X 10.3.9 y 10.4.x anterior a la 10.4.7, no busca adecuadamente la lista de revocación de certificados (CRL), lo que permite a atacantes remotos el acceso al sistema utilizando certificados revocados. • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017298 http://www.osvdb.org/30728 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 •
CVSS: 5.0EPSS: 1%CPEs: 9EXPL: 0CVE-2006-4407
https://notcve.org/view.php?id=CVE-2006-4407
The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to user a weaker cipher that makes it easier for remote attackers to decrypt traffic. El subsistema de seguridad de Apple Mac OS X 10.3.x hasta 10.3.9 no prioriza adecuadamente el cifrado de encriptación cuando negocia cifrado compartido fuerte, lo cual provoca Transporte Seguro al usuario, un cifrado más débil que facilita a atacantes remotos desencriptar el tráfico. • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017298 http://www.kb.cert.org/vuls/id/734032 http://www.osvdb.org/30731 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2006-4398
https://notcve.org/view.php?id=CVE-2006-4398
Multiple buffer overflows in the Apple Type Services (ATS) server in Mac OS X 10.4 through 10.4.8 allow local users to execute arbitrary code via crafted service requests. Múltiples desbordamientos de búfer en el servidor Apple Type Services (ATS) en Mac OS X 10.4 hasta 10.4.8 permite a usuarios locales ejecutar código de su elección mediante peticiones de servicio artesanales. • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017301 http://www.kb.cert.org/vuls/id/800296 http://www.osvdb.org/30738 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 •